The bug was discovered by developers at Mozilla. It's unclear which browsers supported the vulnerable library files.

Previous problems involving the rendering of PNG files have spawned drive-by download attacks, so the resolution of the latest problem at an early stage is to be welcomed.

In related news, developers also fixed a similar flaw in the libtiff library. Version 3.9.4 of the libtiff library plugs a buffer overflow bug that might be abused by specially crafted SubjectDistance tags, H Security reports. ®